Access control systems such as personnel security cards to limit access to enclosed areas such as buildings, rooms within buildings, or fenced-in regions to only those personnel who have permission to enter are often employed. Conventional access control systems include access card readers at doors of the secured building. People who have permission to enter the building are often provided with an access control card that can be read by access card readers. The card reader reads information from the card, and transmits the information to a control panel, which determines whether the entrance (such as a door) should be unlocked. If the door should be unlocked (i.e., the card is associated with a person who has permission to enter), the control panel then sends a signal to the locking mechanism of the door, causing it to unlock.
Conventional access control systems have several drawbacks and fail to take advantage of more recent and advanced technologies.
For example, many conventional systems utilize radio frequency identification devices (RFIDs) for identification of the personal security card to the access control system. The access card reader includes an RFID transceiver, and the access card includes an RFID tag or transponder. The RFID transceiver transmits a radio frequency query to the card as the card passes over it. The transponder includes a silicon chip and an antenna that enables the card to receive and respond to the RF query. The response is typically an RF signal that includes a pre-programmed identification (ID) number. The card reader receives the signal and transmits the ID number to the control panel via a wire connection. Conventional card readers are not very sophisticated. These card readers may perform some basic formatting of the identification data prior to sending it to the control panel, but are generally unable to perform more sophisticated functions with regard to securing digital communications.
The control panel is typically mounted on a wall somewhere in the building. The control panel conventionally includes a bank of relays that are each controlled by a controller device. The controller device accesses memory to determine whether the identification number received from the card reader is recognized and valid. If so, the controller causes the associated relay to open (or close) and thereby sends a signal to the door lock, which, if the signal is proper, causes the lock to enter the unlocked state. The lock typically remains unlocked for a specified amount of time.
Conventional control panels also have several deficiencies. In many instances, control panels consume a relatively large amount of space in relation to the number of doors they control. A control panel typically includes a specified number of relay banks, with each bank uniquely associated with the door it controls. For example, a control panel may have eight relay banks to control eight doors. Such a control panel could easily take up a 2 square foot area when mounted on a wall. If more than eight doors need to be controlled, then an additional control panel must be installed.
In addition, the “closed” architecture of conventional control panels make them inflexible, costly to maintain, and not user friendly. The closed architecture of the conventional control panels means that their design, functionality, and specifications are not disclosed by the manufacturers or owners. In addition, the control panel design is typically very complex, and specialized for a particular purpose, which renders them inaccessible by a typical building owner who has no specialized knowledge. As a result, when a control panel fails or needs to be upgraded, the building owner must call a specialized technician to perform maintenance or upgrading. The monetary costs associated with a technician's services contribute to excessive maintenance costs. In addition, a great deal of time is wasted waiting for the service technician to arrive.
Specific security concerns for cellular phones often deal with the content of the communication itself (often protected by encryption methods), the integrity of the communication (often protected by error-checking and anti-virus software), and authorized access to the communication (often protected by account codes and passwords). For the purposes of this application the definition of mobile or smart phones is as follows;
A mobile phone is a portable telephone that can make and receive calls over a radio frequency link while the user is moving within a telephone service area. The radio frequency link establishes a connection to the switching systems of a mobile phone operator, which provides access to the public switched telephone network (PSTN). Most modern mobile telephone services use a cellular network architecture, and, therefore, mobile telephones are often also referred to as cellular telephones or cell phones. In addition to telephony, 21st century era mobile phones support a variety of other services, such as text messaging, MMS, email, Internet access, short-range wireless communications (infrared, Bluetooth), business applications, gaming, and digital photography. Mobile phones which offer these and more general computing capabilities are referred to within this disclosure as “smartphones”.
Computer and associated cellular phone networks have been compromised by determining authorized account codes and passwords, thereby gaining access to proprietary two-way communications for obtaining information and additional capabilities. Attempts to combat these unauthorized communications has taken many forms. Interception of two-way communications of private (and often individual) conversations by government agencies has become common-place.
One security measure implemented in typical communication systems is the authentication of communicating devices at registration, initiation or reception of the communication. Authentication is viewed as the process of confirming the identity of the communicating device, perhaps by transmission and reception of an account or identification code and a password. In applications where the communicating device is mobile, authentication often requires communication between or through a plurality of communicating devices or networks in order to verify the identity of the communicating device and often the user of the communicating device.
Another serious flaw with existing cellular telephone systems is referred to as the “false mobile station” syndrome. It is presently possible to copy the entire memory contents of a mobile station and to use that information to manufacture clones that can demand and receive service from the network. Cellular phones may be cloned by reading the entire memory contents of the phone, including its identification codes, “secret” keys, internally stored personal identification codes, signatures, etc., and writing the same codes into any number of similar “clone” phones. The cloning procedure can become quite sophisticated and may include software modifications which replace physically stored information with electronically stored information so that a number of stored mobile station identities may be cyclically rotated within one fraudulent mobile station and used to imitate several authentic mobile stations.
Many communication systems, including cellular telephone networks and personnel security cards having authentication or authorization systems and comprise a vast number of distributed communicating devices that transmit data to a central computer system. The central communication system is in charge of determining whether to allow the communication to go through or not. The central computer system may execute an authorization algorithm to determine if the security card has a valid account or identification number, if there is an available bio-identifier for the individual and, perhaps, if a valid personal identification number has been given or entered. However, sophisticated “hackers” have been able to duplicate valid identification numbers and determine one or more personal identification numbers.
Password protection provides a limited degree of security, primarily protecting a communication from access by persons who casually encounter the file, but this security can also be violated. Encryption is perhaps the most secure means for preventing outsiders from obtaining the content of the communication and, therefore, is in widespread use by corporations throughout the world for many or all of their electronic transactions.
However, the security of even the most sophisticated encryption methods remains jeopardized by the growing computing power available to individuals and groups. Complex encryption algorithms using 64 bit keys having 264 (about 1.8×1019) possible keys can become marginalized in terms of protection against outside access to the communication.
Therefore, there is a need for improved methods of securing communications between two or more communicating devices and/or users. More particularly, there is a need for devices and methods to ensure prevention of personnel security cards and cellular phones as well the content of the communication. Having a cellular or “smart” phone (smart phones are also those that have embedded memory and microprocessors) that combines security card-type access together with secured cellular phones to ensure proper secured access to users is also important. It would also be desirable to provide devices with a method for a simple measure of detecting the use of “cloned” communicating devices. Furthermore, it would be especially desirable if the method did not require any significant physical modifications to existing communicating devices, but rather are employed by the addition or modification of software.
To solve the above mentioned problems and drawbacks, the inventions disclosed in U.S. Pat. Nos. 6,466,780, 6,766,161, and 6,466,780 and the associated details are hereby incorporated by reference into the present disclosure in its entirety and for all proper purposes.